Design/Logic Flaw

2009-10-0914:30:00

PRIOn knowledge base

www.prio-n.com

8.5 High

AI Score

Confidence

High

0.095 Low

EPSS

Percentile

94.8%

JSON

Use-after-free vulnerability in the Sb.SuperBuddy.1 ActiveX control (sb.dll) in America Online (AOL) 9.5.0.1 allows remote attackers to trigger memory corruption or possibly execute arbitrary code via a malformed argument to the SetSuperBuddy method.

CPENameOperatorVersion
superbuddy_activex_controleq9.5.0.1

CPE	Name	Operator	Version
	superbuddy_activex_control	eq	9.5.0.1

References

retrogod.altervista.org/9sg_aol_91_superbuddy.html

secunia.com/advisories/36919

www.securityfocus.com/archive/1/506889/100/0/threaded

www.securityfocus.com/bid/36580

www.vupen.com/english/advisories/2009/2812

exchange.xforce.ibmcloud.com/vulnerabilities/53614

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6704